CMMC 1.0 Practice IA.2.081 Requirement:

Store and transmit only cryptographically protected passwords.

CMMC 1.0 IA.2.081 Requirement Explanation:

If an attacker gets a hold of an unencrypted password he can gain access to your systems. By storing them as a one way hash it is more difficult for an attacker to use them.

Example CMMC 1.0 IA.2.081 Implementation:

Ensure that your passwords are stored on your systems using a "one-way hash". Many systems such as Active Directory do this be default. Confirm that your systems are in fact storing your password cryptographically.

CMMC 1.0 IA.2.081 Scenario(s):

- Scenario 1:

Your company's systems use active directory for authentication. Active directory stores passwords as one-way hashes and transmits them in an encrypted format.
 

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:

/assets/images/app/complaince_accelerator.gif

Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.
Become Compliant
/assets/images/app/quantum_accelerator.gif

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.
Provide Services
/assets/images/app/supply_chain_verifier.gif

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.
Verify Subcontactors